SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 2fc9afd5d4fb22ea31258424c2444af7c7a01139.

Database Entry

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2016-05-01 17:28:11	381728f1f3e2f2f96b9dd7733a3fdb9e	12/57 (21.05%)	Shylock	198.105.117.128:80
2016-05-01 17:28:11	381728f1f3e2f2f96b9dd7733a3fdb9e	12/57 (21.05%)	Shylock	198.105.117.128:80
2016-05-01 12:16:28	ffaf5e512af219f5dd7b3df501e5d7d3	3/56 (5.36%)	Matsnu	198.105.117.128:80
2016-05-01 12:16:28	ffaf5e512af219f5dd7b3df501e5d7d3	3/56 (5.36%)	Matsnu	198.105.117.128:80
2016-04-30 18:42:48	d97252879ccba25006a481088b6386e4	n/a		198.105.117.128:80
2016-04-30 18:42:48	d97252879ccba25006a481088b6386e4	n/a		198.105.117.128:80
2016-04-30 16:14:30	5be1c129ca67ddae1d51eed086435ba2	22/57 (38.60%)		198.105.117.128:80
2016-04-30 16:14:30	5be1c129ca67ddae1d51eed086435ba2	22/57 (38.60%)		198.105.117.128:80
2016-04-30 01:59:34	e71650c43de429c13f1962fa9e5fe21b	n/a	Gootkit	198.105.117.128:80
2016-04-30 01:59:34	e71650c43de429c13f1962fa9e5fe21b	n/a	Gootkit	198.105.117.128:80
2016-04-29 21:16:16	467c77b32192e7b2bfab341d973a9a44	n/a	Gootkit	198.105.117.128:80
2016-04-29 21:16:16	467c77b32192e7b2bfab341d973a9a44	n/a	Gootkit	198.105.117.128:80
2016-04-29 03:53:47	27d56b90f51a9b34f86fd4dbac0d6a20	n/a	Gootkit	198.105.117.128:80
2016-04-29 03:53:47	27d56b90f51a9b34f86fd4dbac0d6a20	n/a	Gootkit	198.105.117.128:80
2016-04-28 18:32:53	969a807c9763c9c0d5111a1e179be70d	n/a	Shylock	198.105.117.128:80
2016-04-28 18:32:53	969a807c9763c9c0d5111a1e179be70d	n/a	Shylock	198.105.117.128:80
2016-04-27 13:54:42	fbabcf8af31430f1a69b2afbf8ae1872	n/a	Gootkit	198.105.117.128:80
2016-04-27 13:54:42	fbabcf8af31430f1a69b2afbf8ae1872	n/a	Gootkit	198.105.117.128:80

# of entries: 18 (max: 100)